From ca2870ff8e96c3e82ed2c0cc5607b35fbf8c4b4c Mon Sep 17 00:00:00 2001
From: Sinan Kaya <okaya@kernel.org>
Date: Mon, 24 Sep 2018 19:21:02 +0000
Subject: dnsmasq: CVE-2017-15107

* CVE-2017-15107
A vulnerability was found in Dnsmasq's implementation of DNSSEC.
Wildcard synthesized NSEC records could be improperly interpreted
to prove the non-existence of hostnames that actually exist.

Affects dnsmasq <= 2.78

CVE: CVE-2017-15107
Ref: https://access.redhat.com/security/cve/cve-2017-15107
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb')

diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb
index 4d1dc6e69e..d2465f82d6 100644
--- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb
+++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.78.bb
@@ -2,6 +2,7 @@ require dnsmasq.inc
 
 SRC_URI += "\
     file://lua.patch \
+    file://CVE-2017-15107.patch \
 "
 
 SRC_URI[dnsmasq-2.78.md5sum] = "3bb97f264c73853f802bf70610150788"
-- 
cgit 1.2.3-korg